13 matches found
EUVD-2010-2821
Malware in sbrugna...
EUVD-2007-3789
Malware in sbrugna...
EUVD-2014-2183
Malware in sbrugna...
EUVD-2014-3396
Malware in sbrugna...
Cisco ASA Remote Code Execution (CVE-2016-1287)
Remote Code Execution on Cisco ASA A year ago ExodusIntel disclosed a vulnerability affecting the IKE implementation in Cisco’s ASA products. The error is due to an overflow in the checking of reassembled IKE fragments, and allows remote code execution from an unauthenticated attacker. More...
Cisco ASA < 9.1(7) IKEv1 and IKEv2 UDP Packet Handling RCE (cisco-sa-20160210-asa-ike)
Binary data 801950.prm...
Code injection
The IKE implementation in the WS-IPSEC-3 service module in Cisco IOS 12.2 on Catalyst 6500 devices allows remote authenticated users to cause a denial of service device reload by sending a crafted message during IPsec tunnel setup, aka Bug ID CSCur70505...
CVE-2014-3383
CVE-2014-3383 affects Cisco ASA Software 9.1 before 9.1(5.1). The IKE implementation in the VPN component can be triggered by crafted UDP packets, allowing a remote attacker to cause a denial of service (device reload). Affected description is supported by multiple sources in the provided connect...
Cisco ASA 5500 Series Multiple DoS Vulnerabilities (cisco-sa-20100804-asa)
The remote Cisco ASA is missing a security patch and may be vulnerable to the following issues : - Multiple DoS vulnerabilities in the SunRPC inspection engine that can be triggered by sending unspecified UDP packets. CVE-2010-1578, CVE-2010-1579, CVE-2010-1580 - Multiple TLS DoS vulnerabilities...
Design/Logic Flaw
Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances ASA 5500 series devices with software 7.0 before 7.08.11, 7.1 and 7.2 before 7.25, 8.0 before 8.05.15, 8.1 before 8.12.44, 8.2 before 8.22.10, and 8.3 before 8.31.1 and Cisco PIX Security Appliances 500 seri...
Code injection
The IKE implementation in Clavister CorePlus before 8.80.03, and 8.80.00, does not properly validate certificates during IKE negotiation, which allows remote attackers to cause a denial of service gateway stop via certain certificates...
CVE-2007-3805
The IKE implementation in Clavister CorePlus before 8.80.03, and 8.80.00, does not properly validate certificates during IKE negotiation, which allows remote attackers to cause a denial of service gateway stop via certain certificates...
Multiple vendors' Internet Key Exchange (IKE) implementations do not properly handle IKE response packets
Overview Internet Key Exchange IKE implementations from several vendors contain buffer overflows and denial-of-service conditions. The buffer overflow vulnerabilities could permit an attacker to execute arbitrary code on a vulnerable system. Description The CERT/CC has received a report describin...